Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

newly created DNS set up to automatically replicate with a dns server at remote site that it doesn't have a connection to

Posted on 2013-10-30
5
Medium Priority
?
483 Views
Last Modified: 2013-10-30
We have a main site with 2 dns 2008r2 servers that replicate to dns/ad servers at remote sites and they have a vpn tunnel to every site.
There are tunnels built via cisco ASA between the sites, but there is not a tunnel between every site.
I added a new DNS to a remote site on server 2003. It automatically generated an NTDS Settings in AD sites and Services to replicated with our main server at the main site but also a dns at the remote site that it does not have a vpn tunnel to. Therefore I am getting replication errors.  I was always told to not mess with the automatically generated ones, so is it okay to delete this?
0
Comment
Question by:jtano
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39612178
You need to create AD sites and service topology as per physical connectvity.It seem you have hub and spoke topology.See below thread how to create the same.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/c92ba0ed-4652-4098-bdcf-8b9f8803c9aa/site-link-bridge?forum=winserverDS
0
 

Author Comment

by:jtano
ID: 39612533
So on the new server I went under Inter site Tansports and under IP where my dafaultIPSITELINK is I clicked to add a new Site link and in this link just put the remote site rr and the main site cc in.  In the default site link I took out the remote rr so it won't try to replicate with the remote site V v. Now I just wait for it to replicate. Does this sound correct?
0
 

Author Comment

by:jtano
ID: 39612548
I guess I should ask if I disable the site link bridge do I need to manually set up the ones that are already replicating correctly ( it is enabled now) or doing the way I said above will that work okay without disabling?
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 2000 total points
ID: 39612840
Lets assume you have 4 site Site A/B/C/D and site A is hub site.So the topology will look like this

- Create site for all four site A,SiteB...
- Create site link a below(Add the two sites in each specific connector).
SiteA- SiteB
SiteA-SiteC
SiteA-SiteD
-Disable bridging:http://technet.microsoft.com/en-us/library/cc738789(v=ws.10).aspx
- Ensure that you also create subnets and map to specific.

Once done wait for replication kcc will create the required topology.If you have created any manual connection delete the same as it is not recommended.http://blogs.technet.com/b/markmoro/archive/2011/08/05/you-are-not-smarter-than-the-kcc.aspx
0
 

Author Comment

by:jtano
ID: 39613165
Okay. I was confused becuase it was alrady disabled for IP but it set up a replication to a server it can't reach?  I think its good now thanks for the links they were very helpful.
I set up a new link and deleted the bad one. At least its replicating now.
Thanks
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question